CVE-2025-15605
Received Received - Intake
Hardcoded Key in TP-Link Archer NX Series Enables Config Data Tampering

Publication date: 2026-03-23

Last updated on: 2026-03-31

Assigner: TPLink

Description
A hardcoded cryptographic key within the configuration mechanism on TP-Link Archer NX200, NX210, NX500 and NX600 enables decryption and re-encryption of device configuration data. An authenticated attacker may decrypt configuration files, modify them, and re-encrypt them, affecting the confidentiality and integrity of device configuration data.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-23
Last Modified
2026-03-31
Generated
2026-05-07
AI Q&A
2026-03-23
EPSS Evaluated
2026-05-05
NVD
CVE-2025-15605
EUVD
EUVD-2025-208943
Affected Vendors & Products
Showing 7 associated CPEs
Vendor Product Version / Range
tp-link archer_nx600_firmware to 1.3.0 (exc)
tp-link archer_nx500_firmware to 1.5.0 (exc)
tp-link archer_nx210_firmware to 1.3.0 (exc)
tp-link archer_nx200_firmware to 1.3.0 (exc)
tp-link archer_nx600_firmware to 1.4.0 (exc)
tp-link archer_nx500_firmware to 1.3.0 (exc)
tp-link archer_nx200_firmware to 1.8.0 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-798 The product contains hard-coded credentials, such as a password or cryptographic key.
CWE-321 The product uses a hard-coded, unchangeable cryptographic key.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability involves a hardcoded cryptographic key in the configuration mechanism of certain TP-Link Archer devices (NX200, NX210, NX500, and NX600). Because the key is hardcoded, an authenticated attacker can use it to decrypt the device's configuration files, modify them, and then re-encrypt them. This compromises the confidentiality and integrity of the device's configuration data.


How can this vulnerability impact me? :

The vulnerability allows an authenticated attacker to access and alter the device's configuration data. This can lead to unauthorized changes in device settings, potentially disrupting network operations, weakening security controls, or exposing sensitive configuration information. The compromise of confidentiality and integrity of configuration data can result in broader security risks within the affected network.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:

I don't know


How can this vulnerability be detected on my network or system? Can you suggest some commands?

I don't know


What immediate steps should I take to mitigate this vulnerability?

I don't know


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart